Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2005-0159

Published: 27/04/2005 Updated: 11/07/2017
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The tpkg-* scripts in the toolchain-source 3.0.4 package on Debian GNU/Linux 3.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files.

Vulnerable Product Search on Vulmon Subscribe to Product

debian toolchain-source 3.0.4

debian toolchain-source 3.0.3-1

debian toolchain-source 3.0.3-2

debian toolchain-source 3.0.3-3

debian debian linux 3.0

Vendor Advisories

Debian Security Advisories: DSA-679-1 toolchain-source -- insecure temporary files
Sean Finney discovered several insecure temporary file uses in toolchain-source, the GNU binutils and GCC source code and scripts These bugs can lead a local attacker with minimal knowledge to trick the admin into overwriting arbitrary files via a symlink attack The problems exist inside the Debian-specific tpkg-* scripts For the stable distribu ...

References

NVD-CWE-Otherhttp://www.debian.org/security/2005/dsa-679http://www.securityfocus.com/bid/12540http://secunia.com/advisories/14277https://exchange.xforce.ibmcloud.com/vulnerabilities/19317https://nvd.nist.govhttps://www.debian.org/security/./dsa-679
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2024-5274CVE-2020-17519CVE-2024-35340CVE-2021-47558localXML injectionCVE-2021-47519CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook